Skip to content

Illustration by Security Management

GAO Report on Terrorism Risk Insurance Act: The Program Has Been Effective

On Monday, the U.S. Government Accountability Office (GAO) released the findings from a study into the effectiveness and exposure of the Terrorism Risk Insurance Act (TRIA, which was passed after the terrorist attacks on 11 September 2001 to stabilize commercial property and casualty insurance markets thrown in disarray by the threat of future terror attacks.

TRIA forced insurance companies to include damage from terrorist attacks in their coverage options, and in return the federal government would decrease the burden on insurance companies by sharing losses with them based on certain financial thresholds. Initially designed as a short-term solution, TRIA was reauthorized several times throughout the years—most recently in 2019—albeit with financial thresholds that gradually shifted more burdens to the insurance companies and away from the federal government. Currently, TRIA is set to expire at the end of 2027.

Portion of graphic from GAO-20-348. See page 12 of the report for the full graphic. 


A general finding in the GAO report is that the program has been a success:

Available evidence indicates that TRIA has been largely effective in meeting its statutory objectives of stabilizing the terrorism risk insurance market. First, terrorism risk insurance is available in the market for a relatively low cost and is purchased by the majority of commercial policyholders in the United States, according to industry reports. Second, private reinsurance capacity for terrorism risk insurance increased since the creation of the program, according to Treasury. Third, our analysis of Treasury data suggests there is market stability. Insurers in all of Treasury’s reporting categories largely remained in the market. Furthermore, the market share and number of insurers in the reporting categories generally remained stable.

One primary recommendation from the GAO report is for the Treasury Department to better communicate how what it calls “policyholder retention” figures into the financial triggers of the TRIA program. Policyholder retention essentially is the deductible that organizations have on property/casualty insurance contracts.

There are two thresholds to consider, and the policyholder retention factors into one of them, but not the other. Policyholder retention is factored into the calculation to determine if a terrorist event rises to the financial threshold to trigger TRIA, which is currently $5 million. That is, an individual act of terror that causes more than $5 million of damage means the act itself is considered a terrorist act that is covered by TRIA. The second financial threshold is the amount the insurance company must payout before they receive loss-sharing assistance from the federal government; currently that threshold is set at $200 million. The confusion stems from the fact that Treasury excludes policyholder retention from the $200 million calculation. The GAO interviewed 12 insurance executives on this aspect of TRIA, and only one had a clear understanding that aligned with Treasury’s interpretation.

While the differeing interpretations may seem minute, they could lead to multi-million dollar discrepencies in what the federal government covers during a terrorist incident, which, the report says, could lead to protracted legal battles and potentially undermine the success of the program.